A modern industrial plant is typically a complicated environment comprising an integrated system of automated production equipment, monitoring systems, and computers that control the equipment responsive to data provided by the monitoring systems and human instruction. By way of example, the plant may comprise: production equipment, such as production robots, and chemical reactors; component delivery systems, such as conveyor belts, and pick and place machines; and monitoring systems, such as visual inspection systems and water quality monitors. The various plant components are controlled and monitored in real time to cooperate and automatically perform a production job to which the plant is assigned by signals transmitted over a plant communication network.
Industrial automation control systems and networks were originally programmed with proprietary applications. The proprietary applications didn't interface with standard communication network applications and data processing programs that are the backbone of non-industrial communication networks and data systems that are typically used in the home and in non-manufacturing, hereinafter “enterprise”, organizations. As a result, industrial automation and control systems and networks were considered to be relatively immune to any of the various security threats, such as, denial of service attacks, viruses, worms, and unauthorized access, hereinafter referred to generically as “malware”, that often compromise software used in the home and enterprise systems.
However, as complexity of automated industrial plants and the control systems that govern them have increased, and the competitiveness of industrial plants has become increasingly dependent on their ability to respond flexibly and rapidly to changing global market conditions, industrial plants have become ever more intimately networked with enterprise network systems that use standard software, such as, Ethernet, TCP/IP, HTTP and Windows. As a result, their data and control systems have become increasingly exposed and sensitive to the same security threats that plague computers and software used in the home and in enterprise systems.
In response to increased exposure to security threats, industrial plants have adopted methods and devices to protect their data and control systems that are similar to methods and devices, such as various configurations of firewalls, which are used to protect home and enterprise communication networks and data systems.
However, malfunctioning of, and/or down time, in a modern automated industrial plant is generally extremely expensive and can carry substantial liability. Manufacturing components and processes in the plant are interdependent, and typically must operate in synchrony. Malware damage to a component of an automated industrial plant can therefore be amplified well beyond any particular damage to the component, and well beyond what might be sustained by an enterprise communication and data system or home computer data system damaged by the same malware.